Hi,
I'm using Apache httpd to act as a reverse proxy and I'd like to block
access to all but explicitly listed resources.
I've come up with two possible solutions that i'd like to check with more
experienced mod_rewrite users.
Is there any difference between the two approaches below from performance
or other points of view?
I expect the set of allowed resources to be probably below 30.
I'm also planning on employing other Apache modules in the proxy such as
mod_cache and possibly mod_security.
# method A: one rule with several conditions.
# allow access to resources starting with /foo/, /bar/ or /baz/; block
others
RewriteCond %{REQUEST_URI} ^/foo/ [OR]
RewriteCond %{REQUEST_URI} ^/bar/ [OR]
RewriteCond %{REQUEST_URI} ^/baz/
RewriteRule ^ - [P]
RewriteRule ^ - [F]
# method B, multiple rules without conditions
# allow access to resources starting with /foo/, /bar/ or /baz/; block
others
RewriteRule ^/foo/ - [P]
RewriteRule ^/bar/ - [P]
RewriteRule ^/baz/ - [P]
RewriteRule ^ - [F]
All requests are currently proxied to the backend server simply using:
ProxyPass / ajp://127.0.0.1:8009/
marko
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|